Programmer Helper

This is a basic site for dealing with programming help. I will just post anything, on programming, that I have learnt something new. Guess that would be useful to you also. I'm going to use this as a repository for storing valuable programming tips, that I suddenly find it difficult to locate it, either in my PC or in the Net.
Happy learning.. :o). Check out my old blog .. http://edwardanil.blogspot.com

Tuesday, January 06, 2015

HOSTING

• Beware cheap ($5-$10/month) shared hosting accounts. • Look for hosts with experience hosting WordPress sites. • Look for hosts with solid support. • Look for hosts that are transparent: who communicate quickly and post issues online. • Make sure your host does regular backups that you can access. • Call your potential host to find out which versions of Apache web server, MySQL, and PHP they’re running. Check the version release dates with a Google search.• Ask your host for written documents containing their server data backup, failover, and update or maintenance policy. If they don’t have them, find another host. • Recommended hosts: WP Engine and ZippyKid

HARDENING AND PROTECTING WORDPRESS

• To harden your WordPress install, follow these steps.• Keep WordPress, themes, and plugins up to date. Always. Period. • If you’re unsure about how to update WordPress, themes, and plugins, hire someone to do it for you. • Backup your site before you update WordPress, themes, and/or plugins.• Disable unused user accounts. • Never use “Admin” as your username. Ever. • Grant users the minimum privilege they need to do their jobs. • Require strong passwords. • Use 1Password or KeePass to create strong passwords. • Use a different, strong password for every site log in. • Lock down the WordPress admin dashboard (/wp-admin) using an .htaccess file. • Use SFTP to access your web host. • Enable SSL on your WP install. • Change your passwords once a month. Set a reminder in your calendar if you have to. • Do backups. Recommended: BackupBuddy, VaultPress• Set file permissions at 644 and 755 for folders. • Ensure that the permissions on wp-config.php are not world readable especially in a shared hosting environment. • Consider adding HTTP authentication to your /wp-admin/ area. • Read Sucuri.net’s blog. • Read Google’s security blog.

CHOOSING THE RIGHT PLUGIN

• Look for WordPress Plugin API hooks, actions, and filters. • Look for properly sanitized data and MySQL statements, unique namespace items, use of the Settings API for any plugin settings or options. • Look for plugins that use nonces instead of browser cookies. • Check out how quickly the developer responds to support requests. • Check out forum threads to see how well the plugin is supported. • Is the developer a known and respected member of the community?• Look for a plugin that does one or two tasks really well. • If two plugins do similar things, choose the one with the higher download count.

YOU’VE BEEN HACKED. NOW WHAT?

• Take the site offline. Now. That way you avoid getting a bad rap from search engines and antivirus programs. • Let your web host know what happened. • Make a full backup of the infected site. It’s helpful for reviewing what happened and in case you mess up something during the repair. • Change all of your passwords and the authentication keys in the wp-config.php. • Remove any old themes, plugins, and unused code from your server. • Update all code on your server. Re-install WordPress so all of the WordPress files are overwritten with fresh copies. • Reinstall themes or plugins with fresh copies to make sure no malicious code was inserted. • Check that the file permissions on your files are correct, especially wp-config.php and uploads. • Remove the rogue code and make sure you check all sites on your hosting account. There are tools that can help scan and clean the infection such as VaultPress. Exploit Scanner also scans for certain exploits. • If you don’t have the ability to fix the infected files the best thing to do is restore from a recent clean backup. • Check your server access logs. Search for any bad file names that you found on your server, patterns passed as query strings, or dates/times that may clue you in to when the attack happened.

Sunday, January 15, 2012

Deadlocking occurs when two user processes have locks on separate objects and each process is trying to acquire a lock on the object that the other process has. Usualy, they have different incompatible locks which are illegal or conflict (as per the compatible mode on locks).When this happens, SQL Server identifies the problem and ends the deadlock by automatically choosing one process and aborting the other process, allowing the other process to continue. The aborted transaction is rolled back and an error message is sent to the user of the aborted process. Generally, the transaction that requires the least amount of overhead to rollback is the transaction that is aborted.

Identify Deadlock:

Using SQL Profiler

Using System_health extended event(It highly depends on the ring buffer)

Here are some tips on how to avoid/resolve deadlocking on your SQL Server:

Ensure the database design is properly normalized.

Have the application access server objects in the same order each time.

During transactions, don’t allow any user input. Collect it before the transaction begins.

Avoid cursors.

Keep transactions as short as possible. One way to help accomplish this is to reduce the number of round trips between your application and SQL Server by using stored procedures or keeping transactions with a single batch. Another way of reducing the time a transaction takes to complete is to make sure you are not performing the same reads over and over again. If your application does need to read the same data more than once, cache it by storing it in a variable or an array, and then re-reading it from there, not from SQL Server.

Reduce lock time. Try to develop your application so that it grabs locks at the latest possible time, and then releases them at the very earliest time.

If appropriate, reduce lock escalation by using the ROWLOCK or PAGLOCK.

Consider using the NOLOCK hint to prevent locking if the data being locked is not modified often.

If appropriate, use as low of an isolation level as possible for the user connection running the transaction.

Consider using bound connections.

Adding missing indexes to support faster queries

Dropping unnecessary indexes which may slow down INSERTs for example

Redesigning indexes to be "thinner", for example, removing columns from composite indexes or making table columns "thinner" (see below)

Adding index hints to queries appropriately(I dont prefer this mostly, but it has got its own scope)

Tuesday, April 26, 2011

Whether developing, testing, or deploying your apps in the cloud, you have to unlearn some beliefs and learn new ones to make it work

Application development and testing in the cloud are gaining popularity, as more businesses launch public and private cloud computing initiatives. Cloud development typically includes integrated development environments, application lifecycle management components (such as test and quality management, source code and configuration management, continuous delivery tools), and application security testing components.

Although technology executives and developers with experience in cloud-based development say there are clear benefits to developing in these environments -- such as costs savings and increased speed to market -- they also caution that there are challenges and surprises to look out for.

Developers might find that the configuration they use in production is hard to replicate on cloud services. For example, with an application you develop in the cloud before bringing back to run locally, you might need to test against a legacy system that you can't simply copy onto a cloud service

Gotcha 2: Some apps aren't ideal for development in the cloud

The more hard-to-access or hard-to-replicate systems an application integrates with, the more difficult it is to develop and test it on cloud computing resources

Gotcha 3: Developers often dislike the unfamiliar cloud territory

Cloud computing is still relatively new to a lot of organizations, and it can be a disruptive technology, including in the development arena.

Gotcha4: Lack of documentation hinders cloud developers

There is a lack of documentation to help developers understand the cloud and the tools and resources that can be used to build applications in that environment.

Gotcha5: Network issues can bedevil private cloud environments

Developing in the cloud sometimes means developing in your own private cloud, which may not have the multitenancy and load-movement capabilities that keep your applications available 24/7. Other issues that can affect development and testing involve network delays and latency and the size of network pipes, especially in certain parts of the world.

Gotcha6: It's easy to let the meter run unnecessarily on the cloud

Another potential problem is wasting money on cloud fees. Developers can easily forget or neglect to turn off virtual machines they aren't using. When it was on an in-house, capitalized server, this was no big deal. But when it is on usage-metered, leased resources as with public cloud computing, this is a waste of money

Among the nontechnical issues with the cloud that can have an impact on development are licensing restrictions.

Gotcha8: Integration can be harder to troubleshoot

Integrating new applications with existing ones can be a key part of the development process, and the cloud brings even more challenges from an integration perspective.

Gotcha9: The cloud's fast pace of change can be hard to keep up with

Being on a quickly evolving cloud development platform, like Azure, means it's necessary to update best practices frequently

Despite the learning curve, cloud development is appealingDespite the potential challenges, for many organizations application development in the cloud rather than sticking with traditional methods makes sense, for the same reasons that cloud computing in general makes sense: elasticity of resources and cost, and reduced operational complexity, both of which lead to shorter completion time.

Wednesday, January 06, 2010

Create non-clustered indexes on columns which are, frequently used in the search criteria, Used to join other tables, Used as foreign key fields , Of having high selectivity (Column which returns a low percentage (0-5%) of rows from a total number of rows on a particular value) or Used in the ORDER BY clause

Create appropriate covering indexes

Use Database Tuning Advisor’s help while creating covered index

Defragment indexes if fragmentation occurs

It's really tempting to create index on all eligible columns in your database tables. But, if you are working with a transactional database (An OLTP system where update operations take place most of the times), creating indexes on all eligible columns might not be desirable every time. In fact, creating heavy indexing on OLTP systems might reduce overall database performance (As most operations are update operations, updating data means updating indexes as well).

A rule of thumb can be suggested as follows: If you work on a transactional database, you should not create more than 5 indexes on the tables on an average. On the other hand, if you work on a Data warehouse application, you should be able to create up to 10 indexes on the tables on an average.